Security leaders rely on AI, machine learning to defend assets: Cisco

Security leaders are increasingly depending on machine learning and artificial intelligence to defend their assets against threats as malware sophistication rises with hackers trying to weaponise cloud services and evade detection via encryption, according to a report by Cisco.

While encryption is meant to enhance security, the expanded volume of encrypted web traffic (50% as of 31 October 2017) — both legitimate and malicious — has created more challenges for defenders trying to identify and monitor potential threats, the report said.

“Last year’s evolution of malware demonstrates that our adversaries continue to learn,” said John N Stewart, senior vice president and chief security and trust officer, Cisco. “We have to raise the bar now – top-down leadership, technology investments, and effective security – there is too much risk and it is up to us to reduce it,” Stewart said.

As per the report, security professionals are investing in automation, AI and ML — nearly 39% of organisations are relying on automation and about 34% are relying on ML alongside 32% of organisations that are betting on AI.

"Applying machine learning can help enhance network security defenses and, over time, 'learn' how to automatically detect unusual patterns in encrypted web traffic, cloud, and IoT environments," the report said.

More than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities and out-of-pocket costs, as per the report.

Over 25% of security professionals said they used products from 11 to 20 vendors in 2017 compared with 18% of security professionals in 2016. "Over 32% of breaches affected more than half of their systems, compared with 15% in 2016," it said.